﻿<?php session_start(); ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<?php
if (!(isset($_SESSION["id"]))) {
header("Location: index.php");
exit();
}
?>
<?php
include("siteName.php");
require("dbInc.php");
if (isset($_POST["btnChange"])) {
$mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);
$sql = sprintf("select vPassword from %s where id = %s;", $tableUsers, $_SESSION["id"]);
$res = $mysqliObj->query($sql);
if ($res->num_rows > 0) {
$row = $res->fetch_assoc();
if ($row["vPassword"] == $_POST["txtOldPassword"]) {
if (($_POST["txtNewPassword1"] == $_POST["txtNewPassword2"]) && strlen($_POST["txtNewPassword1"]) > 0) {
$sql = sprintf("update %s set vPassword = '%s' where id = %s;", $tableUsers, mysqli_real_escape_string($mysqliObj, $_POST["txtNewPassword1"]), $_SESSION["id"]);
$mysqliObj->query($sql);
$msg = "Your password has been changed to the new one";
} else {
$msg = "You must enter matching new password values";
}//end of checking new password values
} else {
$msg = "The current password you entered is incorrect";
}//end of checking if old password matches
}//end of checking num_rows
$mysqliObj->close();
}//end of checking if form submitted
?>
<title>Change password</title>
<link type="text/css" rel="stylesheet" href="styles.css" />
<script type="text/javascript" language="javascript">
function checkMsg() {
var msg = "<?php echo $msg; ?>";
if (msg.length > 0) {
alert(msg);
}
}//end of checkMsg function
</script>
</head>
<body onload="checkMsg();">
<iframe name="logoFrame" id="logoFrame" src="logo.htm" border="0" height="120" align="top" frameborder="0" marginheight="0" width="100%" scrolling="no">
<a href="http://www.blindza.co.za/" target="_blank">
<img src="logo/blindza_logo_smaller46.jpg" alt="blindZA.co.za logo - white text on black background, with white border - and red braille version hovering in front of normal text" width="317" height="103" border="0" />
</a>
</iframe>
<a href="index.php">Back to entry page</a>
<h2>Change password</h2>
<p>If you want to change your password, just enter the current one below, and then enter the new one twice, and if you don't know what your current password is, go to the <a href="login.php">Login</a> page, and use the Forgot password button.</p>
<form action="changePassword.php" method="post" enctype="multipart/form-data" onsubmit="return validateForm(this);">
<table align="center">
<tr>
<th align="right">Current/old password</th>
<td>
<input type="password" name="txtOldPassword" id = "txtOldPassword" />
</td>
</tr>
<tr>
<th align="right">New password</th>
<td>
<input type="password" name="txtNewPassword1" id = "txtNewPassword1" />
</td>
</tr>
<tr>
<th align="right">Re-enter new password</th>
<td>
<input type="password" name="txtNewPassword2" id = "txtNewPassword2" />
</td>
</tr>
<tr>
<th align="center" colspan="2">
<input type="submit" name="btnChange" value="Change password" />
</th>
</tr>
</table>
</form>
</body>
</html>
